What Is Cross-Site Scripting?
ATT&CK techniques detected
T1185Browser Session Hijacking
56%
"victim. the attacker doesn ’ t need to use any tactics to trick or deceive the user. reflected xss attacks reflected xss attacks ( also known as non - persistent ) generally occur in websites that mirror information back to the user, for example, the results of a search query, or…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1539Steal Web Session Cookie
53%
"victim. the attacker doesn ’ t need to use any tactics to trick or deceive the user. reflected xss attacks reflected xss attacks ( also known as non - persistent ) generally occur in websites that mirror information back to the user, for example, the results of a search query, or…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1557Adversary-in-the-Middle
32%
"victim. the attacker doesn ’ t need to use any tactics to trick or deceive the user. reflected xss attacks reflected xss attacks ( also known as non - persistent ) generally occur in websites that mirror information back to the user, for example, the results of a search query, or…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
32%
"victim. the attacker doesn ’ t need to use any tactics to trick or deceive the user. reflected xss attacks reflected xss attacks ( also known as non - persistent ) generally occur in websites that mirror information back to the user, for example, the results of a search query, or…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Learn about cross-site scripting (XSS), how it works, and how to protect against it.